Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/10/24 5:33 p.m.15 views

CVE-2025-34155

Tibbo AggreGate Network Manager 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can...

6.9CVSS7AI score0.00647EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/23 4:30 p.m.6 views

CVE-2025-34156 Tibbo AggreGate Network Manager < 6.40.05 System Information Exposure

Tibbo AggreGate Network Manager 6.40.05 exposes sensitive system information through an unauthenticated endpoint at /cwmp/happyaxis.jsp. The page discloses Java system properties, server path details, and version information to unauthorized users, resulting in information disclosure that could ai...

6.9CVSS0.00338EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2024/12/19 12:0 a.m.5 views

Tibbo Aggregate Network Manager UploaderTempFileController Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tibbo Aggregate Network Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the UploaderTempFileController class. The issue results from the lack of...

8.8CVSS7.5AI score0.00575EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/19 12:0 a.m.3 views

Tibbo AggreGate Network Manager 代码问题漏洞

Tibbo AggreGate Network Manager is a network monitoring and IT management platform from Tibbo. A code issue vulnerability exists in Tibbo AggreGate Network Manager version 6.34.02 and prior versions, which stems from an unrestricted file upload. An attacker can use this vulnerability to upload a...

8.8CVSS7.2AI score0.00575EPSS
Exploits0References2
Rows per page
Query Builder